So far I have a complete phase 1, and an almost complete phase 2, but one thing I can't figure out. I see this in the debug.
peer is not authenticated by xauth - drop connection.
I get it right after the proxy is setup.
Here is my config
group-policy DefaultRAGroup attributes
vpn-tunnel-protocol ikev1 l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
ikev1 user-authentication none
I have tried many different configurations on both sides, but they all fail with the same error of peer not authenticated by xauth.
Don't use DefaultRAGroup - I think that means you it will automatically try to build a user VPN rather than a dynamic L2L.
Change the pre-shared key on the DefaultRAGroup to be something else (so it doesn't match what the other side is sending). Put all the config you have for DefaultRAGroup tunnel-groupp and group-policy on DefaultL2LGroup tunnel-group and group-policy instead.
Usually the DefaultRAGroup is a 'remote-access' type which doesn't mean L2L. DefaultL2LGroup should hopefully fix it.